Vulnerabilities > Autodesk > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-04-17 | CVE-2020-7081 | Type Confusion vulnerability in Autodesk FBX Software Development KIT A type confusion vulnerability in the Autodesk FBX-SDK versions 2019.0 and earlier may lead to arbitary code read/write on the system running it. | 9.3 |
| 2020-04-17 | CVE-2020-7080 | Classic Buffer Overflow vulnerability in Autodesk FBX Software Development KIT 2019.0 A buffer overflow vulnerability in the Autodesk FBX-SDK versions 2019.0 and earlier may lead to arbitrary code execution on a system running it. | 9.3 |
| 2019-12-03 | CVE-2019-7366 | Classic Buffer Overflow vulnerability in Autodesk FBX Software Development KIT 2019.5 Buffer overflow vulnerability in Autodesk FBX Software Development Kit version 2019.5. | 9.3 |
| 2014-07-23 | CVE-2014-3939 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Autodesk Sketchbook PRO 6.2.4/6.2.5 Heap-based buffer overflow in Autodesk SketchBook Pro before 6.2.6 allows remote attackers to execute arbitrary code via crafted layer bitmap data in a PXD file. | 9.3 |
| 2014-07-23 | CVE-2014-3938 | Numeric Errors vulnerability in Autodesk Sketchbook PRO 6.2.4/6.2.5 Integer overflow in Autodesk SketchBook Pro before 6.2.6 allows remote attackers to execute arbitrary code via crafted layer mask data in a PSD file, which triggers a heap-based buffer overflow. | 9.3 |
| 2014-07-07 | CVE-2014-2967 | OS Command Injection vulnerability in Autodesk Vred 2014 Autodesk VRED Professional 2014 before SR1 SP8 allows remote attackers to execute arbitrary code via Python os library calls in Python API commands to the integrated web server. | 10.0 |
| 2014-04-02 | CVE-2013-5365 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Autodesk products Heap-based buffer overflow in Autodesk SketchBook for Enterprise 2014, Pro, and Express before 6.25, and Copic Edition before 2.0.2 allows remote attackers to execute arbitrary code via RLE-compressed channel data in a PSD file. | 9.3 |
| 2009-11-24 | CVE-2009-3578 | Code Injection vulnerability in Autodesk Alias Wavefront Maya and Autodesk Maya Autodesk Maya 8.0, 8.5, 2008, 2009, and 2010 and Alias Wavefront Maya 6.5 and 7.0 allow remote attackers to execute arbitrary code via a (1) .ma or (2) .mb file that uses the Maya Embedded Language (MEL) python command or unspecified other MEL commands, related to "Script Nodes." | 9.3 |
| 2009-11-24 | CVE-2009-3577 | Code Injection vulnerability in Autodesk 3DS MAX Autodesk 3D Studio Max (3DSMax) 6 through 9 and 2008 through 2010 allows remote attackers to execute arbitrary code via a .max file with a MAXScript statement that calls the DOSCommand method, related to "application callbacks." | 9.3 |
| 2009-11-24 | CVE-2009-3576 | Code Injection vulnerability in Autodesk Softimage and Autodesk Softimage XSI Autodesk Softimage 7.x and Softimage XSI 6.x allow remote attackers to execute arbitrary JavaScript code via a scene package containing a Scene Table of Contents (aka .scntoc) file with a Script_Content element, as demonstrated by code that loads the WScript.Shell ActiveX control. | 9.3 |